Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/foHcLlNALNNPD8rdk1-CYRMHuMc.roa
File: foHcLlNALNNPD8rdk1-CYRMHuMc.roa (raw, json)
Hash identifier: agin7EJnGDnhi6UHLUR1N+QkvtDyyi3HItLatHWhP20=
Subject key identifier: 7E:81:DC:2E:53:40:2C:D3:4F:0F:CA:DD:93:5F:82:61:13:07:B8:C7
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01891D9A2DDE3C4D26C5F0463E8DB7AD414A
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/foHcLlNALNNPD8rdk1-CYRMHuMc.roa
Signing time: Mon 03 Jul 2023 21:13:10 +0000
ROA not before: Mon 03 Jul 2023 21:13:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34872
IP address blocks: 62.3.50.0/24 maxlen: 24
45.154.97.0/24 maxlen: 24
194.28.98.0/23 maxlen: 24
2a0c:b641:540::/44 maxlen: 48
2a0c:b641:30::/44 maxlen: 48
2a0c:b641:10::/44 maxlen: 48
2a0f:8400::/32 maxlen: 48
2a0c:b641::/44 maxlen: 48
2a0c:b640::/32 maxlen: 48
2a0c:b641:70f::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1d:9a:2d:de:3c:4d:26:c5:f0:46:3e:8d:b7:ad:41:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jul 3 21:13:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e81dc2e53402cd34f0fcadd935f82611307b8c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4c:c2:c6:1e:c8:94:97:0a:d8:6e:1c:89:0c:
3c:53:e5:92:eb:0a:28:5f:fd:ae:45:64:1b:15:64:
f1:19:bf:3a:9a:7b:25:47:56:c4:91:71:c9:52:25:
3d:73:12:07:b3:04:94:c7:c6:f8:92:6d:36:38:ce:
77:a8:86:c7:11:f2:83:a2:1b:9b:66:d7:93:4c:70:
49:7f:58:25:b7:37:49:56:49:6e:82:4c:04:3a:6d:
3a:6e:35:3b:46:dc:1d:72:99:2d:56:32:cf:08:3a:
f8:94:7d:0a:f4:f4:25:0d:66:a5:e5:cb:7b:e2:b7:
b4:51:27:32:45:d9:78:7b:9e:b5:f0:7e:74:ee:29:
29:7a:38:db:63:20:7b:be:8d:84:2f:31:ca:c0:11:
ab:09:88:35:76:8d:d1:27:36:f1:5e:07:19:86:a6:
12:c4:b6:ff:51:4a:97:10:0b:28:fd:29:03:e8:a2:
71:05:7f:2d:f9:17:46:35:d0:c5:25:ec:4e:65:df:
0d:61:d1:0c:06:cb:2f:30:69:4a:18:63:ce:e8:8b:
64:84:88:be:e2:6a:ad:d7:32:0d:fd:42:3a:99:2f:
5d:87:07:31:49:18:ef:77:68:31:82:82:f8:83:bd:
32:31:e0:77:5b:a4:1f:15:e4:f2:5e:e7:58:29:10:
70:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:81:DC:2E:53:40:2C:D3:4F:0F:CA:DD:93:5F:82:61:13:07:B8:C7
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/foHcLlNALNNPD8rdk1-CYRMHuMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.97.0/24
62.3.50.0/24
194.28.98.0/23
IPv6:
2a0c:b640::-2a0c:b641:1f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:30::/44
2a0c:b641:540::/44
2a0c:b641:70f::/48
2a0f:8400::/32
Signature Algorithm: sha256WithRSAEncryption
82:ec:eb:35:73:26:98:83:d4:38:8d:3f:3e:9a:04:b0:fc:b3:
67:9c:fb:a4:07:8a:78:87:60:a8:14:34:d8:61:33:22:10:4b:
39:3c:bf:45:76:79:be:0d:38:dc:e8:8e:47:38:fc:c3:9f:8e:
14:19:e6:45:77:6e:70:4e:d3:ed:51:e8:35:60:52:57:e2:9b:
ce:60:45:6b:0f:65:8a:71:29:17:8b:1e:25:88:a4:b3:6c:41:
5c:ef:53:82:9b:69:15:ed:77:e7:ec:63:23:65:ab:35:fb:92:
af:06:03:13:2e:f3:3c:82:b7:aa:29:3a:2a:bd:2a:85:86:da:
ac:e4:26:79:11:10:c1:3c:05:d0:9b:52:9a:bc:29:1b:02:49:
d5:99:35:2b:ad:bd:ab:eb:cb:4c:56:5f:a3:e9:90:a5:63:fa:
7e:69:19:4d:52:d0:74:33:16:ab:ab:a5:3e:a3:01:e6:e0:8a:
1f:aa:ba:78:98:24:d7:0b:dc:93:e8:7e:e3:b7:47:09:44:e2:
71:4b:de:e2:d3:30:0e:c4:69:60:c5:d2:44:2c:33:09:e4:b7:
01:3a:60:3e:15:51:ad:41:5d:38:af:ef:f1:ce:f7:4e:bb:ca:
cd:17:1a:ca:34:f9:60:69:72:fa:d0:2d:e3:a7:a3:c2:28:52:
5b:53:7f:7b
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYkdmi3ePE0mxfBGPo23rUFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwNzAzMjExMzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTgxZGMyZTUzNDAyY2QzNGYwZmNhZGQ5MzVmODI2MTEzMDdiOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEzCxh7IlJcK2G4ciQw8U+WS6woo
X/2uRWQbFWTxGb86mnslR1bEkXHJUiU9cxIHswSUx8b4km02OM53qIbHEfKDohub
ZteTTHBJf1gltzdJVklugkwEOm06bjU7RtwdcpktVjLPCDr4lH0K9PQlDWal5ct7
4re0UScyRdl4e5618H507ikpejjbYyB7vo2ELzHKwBGrCYg1do3RJzbxXgcZhqYS
xLb/UUqXEAso/SkD6KJxBX8t+RdGNdDFJexOZd8NYdEMBssvMGlKGGPO6ItkhIi+
4mqt1zIN/UI6mS9dhwcxSRjvd2gxgoL4g70yMeB3W6QfFeTyXudYKRBwDQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFH6B3C5TQCzTTw/K3ZNfgmETB7jHMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvZm9IY0xsTkFMTk5QRDhyZGsxLUNZUk1IdU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjAYBAIAATASAwQALZphAwQA
PgMyAwQBwhxiMDoEAgACMDQwEAMFBioMtkADBwUqDLZBAAADBwQqDLZBADADBwQq
DLZBBUADBwAqDLZBBw8DBQAqD4QAMA0GCSqGSIb3DQEBCwUAA4IBAQCC7Os1cyaY
g9Q4jT8+mgSw/LNnnPukB4p4h2CoFDTYYTMiEEs5PL9Fdnm+DTjc6I5HOPzDn44U
GeZFd25wTtPtUeg1YFJX4pvOYEVrD2WKcSkXix4liKSzbEFc71OCm2kV7Xfn7GMj
Zas1+5KvBgMTLvM8greqKToqvSqFhtqs5CZ5ERDBPAXQm1KavCkbAknVmTUrrb2r
68tMVl+j6ZClY/p+aRlNUtB0Mxarq6U+owHm4Iofqrp4mCTXC9yT6H7jt0cJROJx
S97i0zAOxGlgxdJELDMJ5LcBOmA+FVGtQV04r+/xzvdOu8rNFxrKNPlgaXL60C3j
p6PCKFJbU397
-----END CERTIFICATE-----
Generated at Sun Dec 3 16:09:04 2023 by rpki-client on console-fra.rpki-client.org